General

  • Target

    2024-06-10_009ef466aab3e3c4f50d5a452798e691_cryptolocker

  • Size

    96KB

  • Sample

    240610-z81mka1bna

  • MD5

    009ef466aab3e3c4f50d5a452798e691

  • SHA1

    0a5be01bc0671dadb2ea31d797017fe3779a388f

  • SHA256

    5c99ac393ed6670c72c8086c80528a938965fd834bbd247efd20df557fee0dde

  • SHA512

    03cd84d240dc316137ddd41e114923a862d96594649392195f58007442f9ccbbfbeca57939a8152ed9ff699e2b89e2a74c532fc4a4fa39499cd14662d9a13d47

  • SSDEEP

    1536:qkmnpomddpMOtEvwDpjJGYQbN/PKwNgp0+E:AnBdOOtEvwDpj6zf

Score
10/10
upx

Targets

    • Target

      2024-06-10_009ef466aab3e3c4f50d5a452798e691_cryptolocker

    Score
    9/10
    • Detection of CryptoLocker Variants

    • Detection of Cryptolocker Samples

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
